Consumers and businesses increasingly rely on the stability, security, and flexibility of their computing systems. For this reason, many computing systems include software components (such as anti-virus software, backup software, or application-streaming software) that improve the system's stability, security, and/or flexibility by filtering input/output (I/O) operations (e.g., monitoring, manipulating, and/or modifying I/O operations) performed within an operating system of the system.
Generally, such filtering components execute within the same operating system whose I/O operations the filtering components are meant to regulate. However, filtering components that execute within the same operating system that the components are designed to regulate may suffer from a variety of disadvantages. For example, such filtering components may be vulnerable to the very problem they are designed to address: e.g., an anti-virus component may be targeted by malware that exploits an operating-system's vulnerabilities or a backup component may lose data due to an operating system failure. Such filtering components may also be limited to operating within the specific operating system for which they are designed.
In an attempt to address these problems, software vendors may integrate certain filtering components into a hypervisor that monitors a virtual machine running a guest operating system. The filtering components may then filter the I/O communications of the guest operating system from the hypervisor. However, this approach may also suffer from a variety of deficiencies. For example, due to the large number of commercially available hypervisors, this approach may require software vendors to design each of their filtering components for a specific type of hypervisor. Furthermore, some hypervisors may not be extensible with filtering components, which may force users to choose between a preferred hypervisor that is not extensible and an otherwise inferior hypervisor that is extensible.